[kismac] Re: weak IVs
- From: Lasse Jespersen <l.j@xxxxx>
- To: kismac@xxxxxxxxxxxxx
- Date: Mon, 12 Jul 2004 15:17:39 +0200
The question that begs to be asked is then: Has this new feature worked
in your tests? Or is it theoretical? If it HAS worked, how long do you
reckon I would have to pick up traffic from a given wlan to be able to
At some point in the process, Ill want to try an attack on the dump,
and doing THAT -stops- the sniffing process, forcing me to restart it
later if I want to continue my attack -- obviously if the first attack
I'd use pcapmerge ( pcapmerge.sf.net afair ) to merge the different
pcapdumps, but thus far I havent used it. I assume it will be able to
merge dump1 with dump2 with dump3 et cetera, is this correct? ( it's a
perlscript so it would work with no problems in osx ).
I tried using the kismac pcapdumps with dwepcrack ( the newest ( yet
old ) release of bsd-airtools ), but receieved some errors about
dwepcrack being unable to read these dumps.. Thought this might be of
interest to you.
May I be so bold as to inquire when you'll continue working - if only a
little - on the greatest stumbler of all time? I hate dstumbler and
kismet with a passion..
Thanks if you do, thanks if you dont..
On 11. jul 2004, at 18:44, Michael Rossberg wrote:
using kismac 0.12a i joyfully collected some 8000 weak IVs from a
nearby network. however this was insufficient to crack wep. when i
imported the pcap dump into 0.11b, i had 1 weak IV in total... I can
provide this dump if it will help fix what appears to be a bug.
this is actually a feature. i outlined it briefly in a mail in may.
the idea is the following. there are a number of ivs, which are always
weak. this is what airsnort usually collects and what was told in the
FMS paper. however there are ivs which can be weak, depending on the
chosen key. this is an additional vulnerability which was discovered
by h1kari <http://www.dachb0den.com/projects/bsd-airtools/wepexp.txt>.
kismac will keep this packets too, and do the selection of weak or not
later on. hope this helps
Other related posts: